Page 1 of 1

clamav rules

Posted: Mon Jun 11, 2018 3:52 pm
by ikkk
is there a problem with the updates to clamav rules at present - they are all downloading as zero byte files.
which causes a corrupt file and therefore makes clamav offline.

Re: clamav rules

Posted: Mon Jun 11, 2018 4:00 pm
by ikkk
looks like it went off about 6pm on the 9th (UK time)

Re: clamav rules

Posted: Tue Jun 12, 2018 5:39 am
by ikkk

Code: Select all

-rw------- 1 root root 1837750 Jun  5 19:15 clamav-201806051325.tar.bz2
-rw------- 1 root root     353 Jun  9 18:09 clamav-201806091236.tar.bz2
-rw------- 1 root root     353 Jun 10 20:04 clamav-201806101435.tar.bz2
-rw------- 1 root root     356 Jun 12 10:25 clamav-201806111346.tar.bz2
You can clearly see from here its not downloading correctly.
and the update logic is flawed

Code: Select all

4 9998 AUM::_upgrade                 Checking CLAMAV
4 9998 AUM::_download_rules          downloading rules: clamav 201806111346
4 9998 ASDF                          file downloaded: /var/asl/updates/clamav-201806111346.tar.bz2
4 9998 ASDF                          file exists: /var/asl/updates/clamav-201806111346.tar.bz2
4 9998 ASDF                          bz -t: 0
4 9998 ASDF                          tar t: 0
4 9998 ASDF                          flag_good: 1
4 9998 FDSA                          rm -rf /var/asl/rules/clamav
4 9900 ASLCommon::cmd_system         OK: '/bin/rm -rf /var/asl/rules/clamav'
4 9900 ASLCommon::cmd_system         OK: '/bin/tar jxf /var/asl/updates/clamav-201806111346.tar.bz2 > /dev/null 2>&1'
4 9998 c_clamav::apply_rules         applying rules
4 9900 ASLCommon::cmd_system         OK: 'rm -f /var/clamav/ASL* >/dev/null 2>&1'
2 9901 ASLCommon::cmd_system         ERROR: '/usr/bin/clamscan -d /var/asl/rules/clamav/* /etc/asl/config >/dev/null 2>&1 (2)'
4 9900 ASLCommon::cmd_system         OK: '/bin/cp -r /var/asl/rules/clamav/*db /var/clamav/'
4 9900 ASLCommon::cmd_system         OK: '/bin/chmod 0644 /var/clamav/*'
The system sees there is a fail BUT it still copys the failed rules into place!!!!

Re: clamav rules

Posted: Tue Jun 19, 2018 4:15 pm
by mikeshinn
This is expected if the system does not have a valid license.